Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1ZeeU9j62NvJKJAjYyyIcdHePfA.roa
File: 1ZeeU9j62NvJKJAjYyyIcdHePfA.roa (raw, json)
Hash identifier: o8UJJUM4yPnoumdk8vOV+HpfTuwLwE6Szfsse3PVx3I=
Subject key identifier: D5:97:9E:53:D8:FA:D8:DB:C9:28:90:23:63:2C:88:71:D1:DE:3D:F0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D7D09E09ECCA90F9FA1361031ECBD1D82
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1ZeeU9j62NvJKJAjYyyIcdHePfA.roa
Signing time: Tue 06 Feb 2024 06:10:15 +0000
ROA not before: Tue 06 Feb 2024 06:10:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 212.192.244.0/24 maxlen: 24
2a03:3ae0::/29 maxlen: 29
2a07:e4c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 06 Feb 2024 10:32:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:09:e0:9e:cc:a9:0f:9f:a1:36:10:31:ec:bd:1d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 6 06:10:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5979e53d8fad8dbc9289023632c8871d1de3df0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bd:a8:a0:a4:30:26:69:5b:8b:9f:e8:d0:4b:
82:95:db:64:a8:bd:3c:43:02:d0:77:cf:1d:81:e8:
ac:b3:ea:cd:7c:9e:98:7e:3b:2f:31:81:68:5c:61:
29:c8:08:79:91:6e:86:6c:0f:05:78:a6:f2:5b:2d:
53:ad:46:47:8c:88:b3:87:bb:d1:18:2b:13:8e:b8:
1b:2b:d7:9b:f1:4f:29:00:5a:a7:68:17:41:22:c2:
87:d7:5a:64:4c:3f:6d:f9:41:09:18:73:c7:d5:bd:
8f:b4:16:57:8f:c2:62:3b:a5:88:17:56:13:a2:a9:
89:4e:61:de:61:48:f2:25:40:97:46:8e:77:aa:0b:
75:04:cb:e0:a6:b8:ed:16:10:f3:2f:80:e4:bf:54:
3a:d6:93:7f:bb:53:aa:e7:0d:ad:83:c4:4c:9d:68:
4c:a3:8a:2c:70:1e:93:8b:e0:08:92:e8:46:85:be:
ba:cf:fb:24:f4:54:aa:95:66:db:37:57:0c:04:50:
b9:fa:6e:7a:0b:1a:74:eb:70:b3:f1:67:62:e2:cb:
54:65:84:07:43:f3:0a:4d:7f:6b:8f:98:c9:b1:fa:
6e:c2:4f:ad:5b:ec:2c:34:3b:af:5a:79:a6:d0:15:
86:2b:d4:ae:bf:37:ca:5a:c6:21:d9:79:ea:53:3f:
81:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:97:9E:53:D8:FA:D8:DB:C9:28:90:23:63:2C:88:71:D1:DE:3D:F0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1ZeeU9j62NvJKJAjYyyIcdHePfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.244.0/24
IPv6:
2a03:3ae0::/29
2a07:e4c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
24:c6:fa:7f:f8:e0:ad:2e:e8:4b:d1:da:b9:84:5a:1d:d4:72:
56:68:f0:e7:db:0b:a8:3c:d3:e8:49:8e:1d:7e:02:a1:f9:9c:
1f:78:27:7d:1b:69:ff:70:18:df:a6:25:e2:45:4e:9e:dd:e5:
9d:3a:d4:a9:93:fd:af:33:05:f6:11:03:cd:ce:71:d2:f8:94:
27:59:18:7d:f5:dd:5b:aa:d2:95:78:5f:98:da:1b:0e:08:c9:
4f:9b:6c:18:0d:29:eb:91:e2:b5:ef:a5:77:f4:18:17:53:95:
a3:99:77:01:cb:b9:91:2c:f1:27:f0:08:e9:0d:0a:90:6a:0a:
76:35:4e:7c:70:60:e3:15:2e:3f:6b:29:36:f9:51:99:dc:3a:
26:6b:30:85:e0:13:62:62:22:13:08:b8:6d:81:f9:db:be:b6:
8c:6c:d6:89:05:41:c7:dd:6e:39:5e:72:63:c5:58:c9:d1:6b:
7e:49:dc:89:91:d6:20:77:a8:c5:7f:46:44:c4:ac:32:0a:ec:
3a:a1:4a:f4:6a:e8:41:ad:07:a1:ae:d3:14:38:70:07:ea:f3:
e1:95:7a:44:9b:2f:e0:a1:ea:bc:b1:a3:78:e5:5e:bc:97:32:
32:fd:bc:f4:fd:8d:76:4a:97:95:c7:52:f0:c5:4b:4a:fc:12:
c4:03:c5:54
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY19CeCezKkPn6E2EDHsvR2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjA2MDYxMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTk3OWU1M2Q4ZmFkOGRiYzkyODkwMjM2MzJjODg3MWQxZGUzZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApb2ooKQwJmlbi5/o0EuCldtkqL08
QwLQd88dgeiss+rNfJ6YfjsvMYFoXGEpyAh5kW6GbA8FeKbyWy1TrUZHjIizh7vR
GCsTjrgbK9eb8U8pAFqnaBdBIsKH11pkTD9t+UEJGHPH1b2PtBZXj8JiO6WIF1YT
oqmJTmHeYUjyJUCXRo53qgt1BMvgprjtFhDzL4Dkv1Q61pN/u1Oq5w2tg8RMnWhM
o4oscB6Ti+AIkuhGhb66z/sk9FSqlWbbN1cMBFC5+m56Cxp063Cz8Wdi4stUZYQH
Q/MKTX9rj5jJsfpuwk+tW+wsNDuvWnmm0BWGK9SuvzfKWsYh2XnqUz+BdwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNWXnlPY+tjbySiQI2MsiHHR3j3wMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMVplZVU5ajYyTnZKS0pBall5eUljZEhlUGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQA1MD0MBsE
AgACMBUDBQMqAzrgAwUDKgfkwAMFAyoM/0AwDQYJKoZIhvcNAQELBQADggEBACTG
+n/44K0u6EvR2rmEWh3UclZo8OfbC6g80+hJjh1+AqH5nB94J30baf9wGN+mJeJF
Tp7d5Z061KmT/a8zBfYRA83OcdL4lCdZGH313Vuq0pV4X5jaGw4IyU+bbBgNKeuR
4rXvpXf0GBdTlaOZdwHLuZEs8SfwCOkNCpBqCnY1TnxwYOMVLj9rKTb5UZncOiZr
MIXgE2JiIhMIuG2B+du+toxs1okFQcfdbjlecmPFWMnRa35J3ImR1iB3qMV/RkTE
rDIK7DqhSvRq6EGtB6Gu0xQ4cAfq8+GVekSbL+Ch6ryxo3jlXryXMjL9vPT9jXZK
l5XHUvDFS0r8EsQDxVQ=
-----END CERTIFICATE-----
Generated at Tue Feb 6 15:04:14 2024 by rpki-client on console-ams.rpki-client.org